FortiWLC - Denial of service due to dereferencing of undefined pointer Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-21-002 Final 1 1 2022-04-05T00:00:00 Current version 2022-04-05T00:00:00 2022-04-05T00:00:00 An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command. Execute unauthorized code or commands At leastFortiWLC version 8.0.6FortiWLC version 8.1.2 through 8.1.3FortiWLC version 8.2.4 through 8.2.7FortiWLC version 8.3.0 through 8.3.3FortiWLC version 8.4.0 through 8.4.8FortiWLC version 8.5.0 through 8.5.5FortiWLC version 8.6.0 through 8.6.2 Please upgrade to FortiWLC version 8.6.3 or above. Fortinet is pleased to thank a FortiWLC customer for bringing this issue to our attention. CVE-2021-26093 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H/E:P/RL:X/RC:R https://fortiguard.fortinet.com/psirt/FG-IR-21-002 FortiWLC - Denial of service due to dereferencing of undefined pointer Reference>